Seatbelts for vm_page_bits() in case a file offset is passed in rather than

the page offset.  If a large file offset was passed in, a large negative
array index could be generated which could cause page faults etc at worst
and file corruption at the least.  (Pages are allocated within file
space on page alignment boundaries, so a file offset being passed in here
is harmless to DTRT.  The case where this was happening has already been
fixed though, this is in case it happens again).

Reviewed by: dyson
This commit is contained in:
Peter Wemm 1998-05-02 03:02:13 +00:00
parent b3a77ee548
commit 3c33646725
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=35612

View File

@ -34,7 +34,7 @@
* SUCH DAMAGE.
*
* from: @(#)vm_page.c 7.4 (Berkeley) 5/7/91
* $Id: vm_page.c,v 1.97 1998/03/16 01:55:55 dyson Exp $
* $Id: vm_page.c,v 1.98 1998/04/15 17:47:38 bde Exp $
*/
/*
@ -1429,11 +1429,12 @@ vm_page_bits(int base, int size)
return VM_PAGE_BITS_ALL;
size = (size + DEV_BSIZE - 1) & ~(DEV_BSIZE - 1);
base &= PAGE_MASK;
if (size > PAGE_SIZE - base) {
size = PAGE_SIZE - base;
}
base = (base % PAGE_SIZE) / DEV_BSIZE;
base = base / DEV_BSIZE;
chunk = vm_page_dev_bsize_chunks[size / DEV_BSIZE];
return (chunk << base) & VM_PAGE_BITS_ALL;
}